1. Field of the Invention
The present invention relates in general to an information security field, and more particularly to a method of providing a time stamping service for setting a client's system clock, wherein a service provider providing a public key infrastructure-based security service safely receives reference time information from a reliable third-party system and re-sets the client's system clock on the basis of the received reference time information, so as to assure the reliability of the client's system clock.
2. Description of the Prior Art
Recently, communication companies such as Korea Telecom have provided a public key infrastructure (PKI)-based security service together with an electronic data interchange (EDI) service for national pensions, electronic prescriptions, etc.
However, the PKI-based security service requires accuracy of time for verification of a certificate, but may not be normally provided due to time errors of a client, resulting in the leakage of incomings.
The main object of a typical time stamping service is to certify that a specific document has existed at a predetermined point of time and thus guarantee the accuracy of time.
For this reason, related documents have not referred to mechanisms for applying the time stamping service to the setting of a system clock of a client.
For the validity verification of a certificate using a certificate revocation list in connection with the public key infrastructure-based security service, there is no conclusion defined for a source of local time information as a benchmark for the validity verification and how to download the local time information from the source.
As a result, a system clock of a client employing the security service is generally used as the local time information. Provided that the system clock of the client is inaccurate, the security service will not be provided in spite of the fact that the certificate revocation list and certificate are valid.